Description: CVE-2014-0466: fixps does not invoke gs with -dSAFER
 A malicious PostScript file could delete files with the privileges of
 the invoking user.
Origin: vendor
Bug-Debian: http://bugs.debian.org/742902
Author: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2014-03-28

--- a/contrib/fixps.in
+++ b/contrib/fixps.in
@@ -389,7 +389,7 @@
   	eval "$command" ;;
       gs)
         $verbose "$program: making a full rewrite of the file ($gs)." >&2
-  	$gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+  	$gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
     esac
   )
 fi
--- a/contrib/fixps.m4
+++ b/contrib/fixps.m4
@@ -307,7 +307,7 @@
   	eval "$command" ;;
       gs)
         $verbose "$program: making a full rewrite of the file ($gs)." >&2
-  	$gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+  	$gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
     esac
   )
 fi
ass='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=1db4bc56586c0a3ca1b46883a57d877ab5ee916c'>refs</a><a class='active' href='/guix/log/build-aux/update-NEWS.scm?showmsg=1'>log</a><a href='/guix/tree/build-aux/update-NEWS.scm?id=1db4bc56586c0a3ca1b46883a57d877ab5ee916c'>tree</a><a href='/guix/commit/build-aux/update-NEWS.scm?id=1db4bc56586c0a3ca1b46883a57d877ab5ee916c'>commit</a><a href='/guix/diff/build-aux/update-NEWS.scm?id=1db4bc56586c0a3ca1b46883a57d877ab5ee916c'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/build-aux/update-NEWS.scm'>
<input type='hidden' name='id' value='1db4bc56586c0a3ca1b46883a57d877ab5ee916c'/><input type='hidden' name='showmsg' value='1'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=1db4bc56586c0a3ca1b46883a57d877ab5ee916c&amp;showmsg=1'>root</a>/<a href='/guix/log/build-aux?id=1db4bc56586c0a3ca1b46883a57d877ab5ee916c&amp;showmsg=1'>build-aux</a>/<a href='/guix/log/build-aux/update-NEWS.scm?id=1db4bc56586c0a3ca1b46883a57d877ab5ee916c&amp;showmsg=1'>update-NEWS.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/build-aux/update-NEWS.scm?id=1db4bc56586c0a3ca1b46883a57d877ab5ee916c'>Collapse</a>)</th><th class='left'>Author</th></tr>
<tr class='logheader'><td><span title='2019-05-20 11:50:21 +0200'>2019-05-20</span></td><td class='logsubject'><a href='/guix/commit/build-aux/update-NEWS.scm?id=996ecaf64e397341dbed70198032ce828040e5ac'>maint: update-NEWS: Track "gcc-toolchain", not "gcc".</a></td><td>Ludovic Courtès</td></tr>
<tr class='nohover-highlight'><td/><td colspan='3' class='logmsg'>
This is a followup to d78010b81ee6ef4fd8803082e2f401b9e55b44db.

* build-aux/update-NEWS.scm (write-packages-updates)[important]: Replace
"gcc" by "gcc-toolchain".


</td></tr>

Age	Commit message (Collapse)	Author
2019-05-20	maint: update-NEWS: Track "gcc-toolchain", not "gcc".	Ludovic Courtès
	This is a followup to d78010b81ee6ef4fd8803082e2f401b9e55b44db. * build-aux/update-NEWS.scm (write-packages-updates)[important]: Replace "gcc" by "gcc-toolchain".